Mom’s Meals – A Ransomware Attack Exposed Millions

By now, we all know that big companies, especially in the USA, have been constant targets for cybercriminals. Regardless of the profession, if it’s “Financially” beneficial, it’s on the threat actors’ radar. Speaking of, one of the biggest meal delivery services in the US – Mom’s Meals – has disclosed a breach affecting over a million customers.

It all started with some irregular activity back in February. Then, everything escalated to become a ransomware attack. And now, over 1.2 million customers’ personal information is at large.

The number is huge, which raises concerns about how impactful this attack can be. How did it happen? Who’s behind it? We’ve discussed everything in the following article.

Mom’s Meals Breach – A Bitter Taste

As we mentioned, cyber criminals do not differentiate between their targets, especially when the benefit they get in the end is worth it.

Huge names across the globe have fallen victim to constant attacks, losing millions in the process. This particular incident shows that the “Food Industry” is definitely on the threat actors’ radar.

In fact, a couple of months ago, a cyber attack forced Yum! Brands to stop its operations in around 300 restaurants in the United Kingdom.

It’s getting out of hand. Even the “Gaming” department has seen its fair share of incidents. We can’t forget the time someone hijacked Rockstar Games’ Slack conversations, leaking footage of the in-development version of GTA 6.

Now, Mom’s Meals is in the spotlight, and we have some interesting information to share. You see, the entire thing started off in a vague way.

Apparently, the breach saw the light after an anonymous Mom’s Meals employee contacted an outlet to address the fact that they had been missing work and pay for a week due to “an internet issue.”

Guess the company didn’t want everyone to know that their systems have been breached. Not only that, but it also prompted its employees to call in every day to check if their sector is operational or not.

What Was Exposed?

Regardless, the breach occurred, and investigations went underway. Mom’s Meals worked with third-party security firms and determined that the breach occurred between January 16 and February 22 of this year.

Upon identifying suspicious account behavior on February 22, 2023, we launched an investigation with the help of third-party specialists.

The investigation determined that we experienced a cyberattack between January 16, 2023, and February 22, 2023, that included the encryption of certain files in our network.

Because the investigation identified the presence of tools that could be used for data exfiltration (the unauthorized transfer of data), we can’t rule out the possibility that data was taken from one of our file servers.

Source: PurFood

According to PurFood’s statement, the incident impacted 1,237,681 people. Unfortunately, the data is too sensitive to overlook.

In some cases, only names and emails get exposed. This time around, the following data is in question:

• Health information
• Treatment information
• Diagnosis code
• Meal category and cost
• Health insurance information
• Date of birth
• Driver’s license
• State identification number
• Medical record number
• Medicare and Medicaid identification
• Patient ID number.
• Social Security Numbers (for >1% of the exposed people)
• Financial account information
• Payment card information

Yes, credit card information is included, which can lead to devastating consequences in the near future. If you’re one of Mom’s Meals customers, you better keep an eye on your credit card’s activity.

But you don’t have to worry. Whoever is impacted by this breach will receive credit monitoring and identity protection services through Kroll for 12 months, free of charge.

New Day, New Breach – Ransomware is on the Rise

As always, exposing personal information can lead to dangerous outcomes in the future. With such data, threat actors can conduct further attacks, including scams, phishing, and social engineering attacks.

All you have to do now is approach everything with complete caution. Remain vigilant when checking your emails and never click on a link without checking the source.